Fuzzing: The State of the Art

The paper provides a general introduction to fuzzing as of 2012 and serves simply as a starting point for issues in vulnerability discovery using fuzzing. Fuzzing is a simple idea, but it has been made more sophisticated with notions such as white-box fuzzing, generative fuzzers, grammar fuzzers, black-box mutational fuzzers and so on. An important fuzzer not covered in this paper is AFL, which is state of the art if you have source code. We'll talk about that. Our readings will get more technical from this point.

Cyber Spot

We will spend ten minutes covering Lockheed-Martin's very useful model called the "Cyber Kill Chain". It's a conceptual framework that can help in understanding and organising thinking around what cyber operations and effects are, how an attacker thinks and operates, and what a defender can do in terms of counter-measures.

Lockheed-Martin's Cyber Kill Chain

Wikipedia Cyber Kill Chain